[discourse_docker.git] / README.md

### About

- [Docker](https://www.docker.io/) is an open source project to pack, ship and run any Linux application in a lighter weight, faster container than a traditional virtual machine.

- Docker makes it much easier to deploy [a Discourse forum](https://github.com/discourse/discourse) on your servers and keep it updated. For background, see [Sam's blog post](http://samsaffron.com/archive/2013/11/07/discourse-in-a-docker-container). 
- 
- The templates and base image configure Discourse with the Discourse team's recommended optimal defaults. 


### IMPORTANT: Before you start

1. Run docker and launcher as root.
2. Use [Ubuntu 12.04 LTS](http://releases.ubuntu.com/precise/) or [Ubuntu 13.04](http://releases.ubuntu.com/13.04/) or [Ubuntu 13.10](http://releases.ubuntu.com/13.10/). Device mapper support in docker is still rough.
3. Upgrade to the [latest version of Docker](http://docs.docker.io/en/latest/installation/ubuntulinux/).
4. Install Discourse docker into `/var/docker`

### Getting started

The simplest way to get started is the  **standalone** template:

1. **Clone** this project from github: `git clone https://github.com/SamSaffron/discourse_docker.git /var/docker`
2. **Copy** the standalone sample into the containers directory: `cp samples/standalone.yml containers/app.yml`
3. **Edit** `containers/app.yml` with your environment specific information
  - [bindings](#expose)
  - [volumes](#volumes) (make sure you create the appropriate directories on the host)
4. **Bootstrap** the image: `sudo ./launcher bootstrap app`
5. **Start** the image: `sudo ./launcher start app`

Note: you can add yourself to the docker group if you wish to avoid `sudo` with `usermod -aG docker <your-user-name>`.

### Directory Structure

#### `/cids`

Contains container ids for currently running Docker containers. cids are Docker's "equivalent" of pids. Each container will have a unique git like hash.

#### `/containers`

This directory is to contain container definitions for your various Discourse containers. You are in charge of this directory, it ships empty.

#### `/samples`

Sample container definitions you may use to bootstrap your environment. You can copy and amend templates here into the containers directory.

#### `/shared`

Placeholder spot for shared volumes with various Discourse containers. You may elect to store certain persistent information outside of a container, in our case we keep various logfiles and upload directory outside. This allows you to rebuild containers easily without losing important information. Keeping uploads outside of the container allows you to share them between multiple web instances.

#### `/templates`

[pups](https://github.com/samsaffron/pups) managed pups templates you may use to bootstrap your environment.

#### `/image`

Dockerfile for both the base image `samsaffron/discoruse_base` and discourse image `samsaffron/discourse`.

- `samsaffron/discourse_base` contains all the OS dependencies including sshd, runit, postgres, nginx, ruby.

- `samsaffron/discourse` builds on the base image and configures a discourse user and `/var/www/discourse` directory for the Discourse source.

The Docker repository will always contain the latest built version at: https://index.docker.io/u/samsaffron/discourse/ , you should not need to build the base image.

### Launcher

The base directory contains a single bash script which is used to manage containers. You can use it to "bootstrap" a new container, ssh in, start, stop and destroy a container.

```
Usage: launcher COMMAND CONFIG
Commands:
    start:      Start/initialize a container
    stop:       Stop a running container
    restart:    Restart a container
    destroy:    Stop and remove a container
    ssh:        Start a bash shell in a running container
    logs:       Docker logs for container
    bootstrap:  Bootstrap a container for the config based on a template
```


### About the container configuration

The beginning of the container definition will contain 3 "special" sections:

#### templates:

```
templates:
  - "templates/cron.template.yml"
  - "templates/postgres.template.yml"
```

This template is "composed" out of all these child templates, this allows for a very flexible configuration struture. Furthermore you may add specific hooks that extend the templates you reference.

#### expose:

```
expose:
  - "2222:22"
```

Expose port 22 inside the container on port 2222 on ALL local host interfaces.


#### volumes:

```
volumes:
  - volume:
      host: /var/docker/data
      guest: /shared

```

Expose a directory inside the host inside the container.

### Upgrading discourse

The docker setup gives you multiple upgrade options:

1. You can use the front end at http://yoursite.com/admin/docker to upgrade an already running image.

2. You can create a new base image by running:
  - `./launcher bootstrap my_image`
  - `./launcher destroy my_image`
  - `./launcher start my_image`

### Single container vs. Multiple container

The samples directory contains a standalone (single container) template. This template will bundle all of the programs required to run discourse into a single container. The advantage is that it is very easy to get started as you do not need to wire up communications between containers.

However, the disadvantage is that the bootstrapping process will launch a new postgres instance, having 2 postgres instances running against a single directory can lead to unexpected results. Due to that, if you are ever to bootstrap the `standalone` template again you should first stop the existing container.

A multi images setup allows you to bootstrap new web processes while your site is running and only after it is built, switch the new image in. The setup is far more flexible and robust, however is a bit more complicated to setup. See the `data.yml` and `web_only.yml` templates in the samples directory. To ease this process, `launcher` will inject an env var called `DISCOURSE_HOST_IP` which will be available inside the image.

WARNING: If you launch multiple images, **make sure** you setup iptables or some other firewall to protect various ports (for postgres/redis).

### Email setup

For a Discourse instance to function properly Email must be setup. Use the `SMTP_URL` env var to set your SMTP address, see sample templates for an example. The docker image does not contain postfix, exim or another MTA, it was omitted because it is very tricky to set up correctly.

### Troubleshooting

It is strongly recommended you have ssh access to your running containers, this allows you very easily take sneak peak of the internals. Simplest way to gain access is:

1. Run a terminal as root
2. cd `~/.ssh`
3. `ssh-key-gen`
4. paste the contents of `id_rsa.pub` into your templates (see placeholder in samples)
5. bootstrap and run your container
6. `./launcher ssh my_container`

### Security

Directory permissions in Linux are sid based, if your sids on the host do not match the sids in the guest, permissions will mismatch. On clean installs you can ensure they are in sync by looking at `/etc/passwd` and `/etc/group`, the discourse account will have the sid 1000.
Commit	Line	Data
408a9c19 SS	1	### About
408a9c19 SS	2
8200fe05 JA	3	- [Docker](https://www.docker.io/) is an open source project to pack, ship and run any Linux application in a lighter weight, faster container than a traditional virtual machine.
	4
	5	- Docker makes it much easier to deploy [a Discourse forum](https://github.com/discourse/discourse) on your servers and keep it updated. For background, see [Sam's blog post](http://samsaffron.com/archive/2013/11/07/discourse-in-a-docker-container).
526d7f2a	6	-
faa6f226	7	- The templates and base image configure Discourse with the Discourse team's recommended optimal defaults.
408a9c19	8
2a438fb6	9
faa6f226	10	### IMPORTANT: Before you start
2a438fb6	11
8200fe05	12	1. Run docker and launcher as root.
faa6f226 JA	13	2. Use [Ubuntu 12.04 LTS](http://releases.ubuntu.com/precise/) or [Ubuntu 13.04](http://releases.ubuntu.com/13.04/) or [Ubuntu 13.10](http://releases.ubuntu.com/13.10/). Device mapper support in docker is still rough.
	14	3. Upgrade to the [latest version of Docker](http://docs.docker.io/en/latest/installation/ubuntulinux/).
	15	4. Install Discourse docker into `/var/docker`
2a438fb6	16
58584176	17	### Getting started
cd0f828e	18
8200fe05	19	The simplest way to get started is the standalone template:
cd0f828e	20
2a438fb6	21	1. Clone this project from github: `git clone https://github.com/SamSaffron/discourse_docker.git /var/docker`
18d0278e RH	22	2. Copy the standalone sample into the containers directory: `cp samples/standalone.yml containers/app.yml`
18d0278e RH	23	3. Edit `containers/app.yml` with your environment specific information
58584176	24	- [bindings](#expose)
851af3a4	25	- [volumes](#volumes) (make sure you create the appropriate directories on the host)
18d0278e RH	26	4. Bootstrap the image: `sudo ./launcher bootstrap app`
18d0278e RH	27	5. Start the image: `sudo ./launcher start app`
cd0f828e	28
58584176	29	Note: you can add yourself to the docker group if you wish to avoid `sudo` with `usermod -aG docker <your-user-name>`.
cd0f828e	30
408a9c19 SS	31	### Directory Structure
408a9c19 SS	32
8200fe05	33	#### `/cids`
408a9c19 SS	34
	35	Contains container ids for currently running Docker containers. cids are Docker's "equivalent" of pids. Each container will have a unique git like hash.
	36
8200fe05	37	#### `/containers`
408a9c19 SS	38
	39	This directory is to contain container definitions for your various Discourse containers. You are in charge of this directory, it ships empty.
	40
8200fe05	41	#### `/samples`
408a9c19 SS	42
	43	Sample container definitions you may use to bootstrap your environment. You can copy and amend templates here into the containers directory.
	44
8200fe05	45	#### `/shared`
408a9c19 SS	46
	47	Placeholder spot for shared volumes with various Discourse containers. You may elect to store certain persistent information outside of a container, in our case we keep various logfiles and upload directory outside. This allows you to rebuild containers easily without losing important information. Keeping uploads outside of the container allows you to share them between multiple web instances.
	48
8200fe05	49	#### `/templates`
408a9c19 SS	50
	51	[pups](https://github.com/samsaffron/pups) managed pups templates you may use to bootstrap your environment.
	52
8200fe05	53	#### `/image`
408a9c19 SS	54
	55	Dockerfile for both the base image `samsaffron/discoruse_base` and discourse image `samsaffron/discourse`.
	56
faa6f226	57	- `samsaffron/discourse_base` contains all the OS dependencies including sshd, runit, postgres, nginx, ruby.
408a9c19	58
faa6f226	59	- `samsaffron/discourse` builds on the base image and configures a discourse user and `/var/www/discourse` directory for the Discourse source.
408a9c19 SS	60
	61	The Docker repository will always contain the latest built version at: https://index.docker.io/u/samsaffron/discourse/ , you should not need to build the base image.
	62
58584176	63	### Launcher
408a9c19 SS	64
	65	The base directory contains a single bash script which is used to manage containers. You can use it to "bootstrap" a new container, ssh in, start, stop and destroy a container.
	66
	67	```
	68	Usage: launcher COMMAND CONFIG
	69	Commands:
	70	start: Start/initialize a container
	71	stop: Stop a running container
	72	restart: Restart a container
	73	destroy: Stop and remove a container
	74	ssh: Start a bash shell in a running container
	75	logs: Docker logs for container
	76	bootstrap: Bootstrap a container for the config based on a template
	77	```
	78
408a9c19	79
58584176	80	### About the container configuration
408a9c19	81
faa6f226	82	The beginning of the container definition will contain 3 "special" sections:
408a9c19	83
58584176	84	#### templates:
408a9c19 SS	85
	86	```
	87	templates:
	88	- "templates/cron.template.yml"
	89	- "templates/postgres.template.yml"
	90	```
	91
faa6f226	92	This template is "composed" out of all these child templates, this allows for a very flexible configuration struture. Furthermore you may add specific hooks that extend the templates you reference.
408a9c19	93
58584176	94	#### expose:
408a9c19 SS	95
	96	```
	97	expose:
	98	- "2222:22"
	99	```
	100
	101	Expose port 22 inside the container on port 2222 on ALL local host interfaces.
	102
	103
58584176	104	#### volumes:
408a9c19 SS	105
	106	```
	107	volumes:
	108	- volume:
	109	host: /var/docker/data
	110	guest: /shared
	111
	112	```
	113
	114	Expose a directory inside the host inside the container.
	115
58584176	116	### Upgrading discourse
c57d9880 SS	117
	118	The docker setup gives you multiple upgrade options:
	119
	120	1. You can use the front end at http://yoursite.com/admin/docker to upgrade an already running image.
	121
	122	2. You can create a new base image by running:
	123	- `./launcher bootstrap my_image`
	124	- `./launcher destroy my_image`
	125	- `./launcher start my_image`
	126
faa6f226	127	### Single container vs. Multiple container
c57d9880	128
faa6f226	129	The samples directory contains a standalone (single container) template. This template will bundle all of the programs required to run discourse into a single container. The advantage is that it is very easy to get started as you do not need to wire up communications between containers.
c57d9880 SS	130
	131	However, the disadvantage is that the bootstrapping process will launch a new postgres instance, having 2 postgres instances running against a single directory can lead to unexpected results. Due to that, if you are ever to bootstrap the `standalone` template again you should first stop the existing container.
	132
58584176	133	A multi images setup allows you to bootstrap new web processes while your site is running and only after it is built, switch the new image in. The setup is far more flexible and robust, however is a bit more complicated to setup. See the `data.yml` and `web_only.yml` templates in the samples directory. To ease this process, `launcher` will inject an env var called `DISCOURSE_HOST_IP` which will be available inside the image.
c57d9880	134
58584176 RH	135	WARNING: If you launch multiple images, make sure you setup iptables or some other firewall to protect various ports (for postgres/redis).
	136
	137	### Email setup
2e2e7049	138
faa6f226	139	For a Discourse instance to function properly Email must be setup. Use the `SMTP_URL` env var to set your SMTP address, see sample templates for an example. The docker image does not contain postfix, exim or another MTA, it was omitted because it is very tricky to set up correctly.
2e2e7049	140
58584176	141	### Troubleshooting
c57d9880 SS	142
	143	It is strongly recommended you have ssh access to your running containers, this allows you very easily take sneak peak of the internals. Simplest way to gain access is:
	144
	145	1. Run a terminal as root
	146	2. cd `~/.ssh`
	147	3. `ssh-key-gen`
	148	4. paste the contents of `id_rsa.pub` into your templates (see placeholder in samples)
	149	5. bootstrap and run your container
	150	6. `./launcher ssh my_container`
	151
58584176	152	### Security
c57d9880 SS	153
c57d9880 SS	154	Directory permissions in Linux are sid based, if your sids on the host do not match the sids in the guest, permissions will mismatch. On clean installs you can ensure they are in sync by looking at `/etc/passwd` and `/etc/group`, the discourse account will have the sid 1000.